Archive for December, 2015

The year 2015 was marked by an unexpected increase in both the numbers and methods of carrying out cyberattacks. With an overwhelming move towards mobile and cloud computing, 2016 is also likely to witness certain additional developments in the field of security risks.

Here are some of the predicted cyber security trends for 2016 that need to be watched out by businesses:

Internet Of Things

As more devices become connected to the internet, physical objects continue to be targeted by the hackers. Unpatched security vulnerabilities in smart TVs, cars, wearable devices, refrigerators etc. are likely to be exploited in order to initiate a more sophisticated attack. Manufacturers of Internet of Things (IoT) devices should lay more focus on increasing security instead of including enhanced features.

Attacks Through Apps

Apps have now become the new way to access the internet. A minor security flaw tends to compromise the privacy of the mobile device as well as the entire company network. Also, people store a lot of sensitive information on their phones, such as credit card details, internet banking passwords, social security number etc. Thus, it is important to download apps from credible sources and keep them updated to ensure the safety of your data.

Advertizing And Tracking

Search engines track your search history to personalize your internet browsing experience. Various advertizing networks tend to create a detailed profile of the users which can put their security at risk. Advertizing, a form of cyber-attack, involves disguising spam code into online advertizements that seem to be legitimate and may interest the user. When you click or simply hover above these ads, malicious software may be downloaded to damage data, steal information or take complete control of your device.

UDP Amplification Attacks

This is a relatively new type of DDoS attack that may lead to a large scale security breach in 2016. In a UDP (User Datagram Protocol) based amplification attack, the attacker overwhelms random ports on the targeted host with relatively small requests of hoaxed IP addresses. This causes the host to respond to the victim, which ultimately makes the system overwhelmed and unresponsive to other clients.

Ransomware

There are many malware such as CryptoLocker and CryptoWall that are used to prevent or restrict users from accessing their computer systems. When the malware is installed on a computer, the victim is required to pay a sum of ransom to the hackers in order to restore the data.

We, at Centex Technologies, can help in the implementation of an efficient cybersecurity plan for businesses across Central Texas. For more information, you can call us at (855) 375 – 9654.

Unsecure wireless routers are targeted by most cybercriminals to carry out hacking attacks. After gaining control of your router, they can easily track, block, redirect or alter the online activities being performed on the network. With an increase in the number of network breaches, it has become even more important to improve the security of your internet router. Here are some tips that can help:

Change the default logins: Most routers use a default username ‘admin’ and a system generated password from certain known algorithms, making them easy to be guessed by the hackers. Therefore, it is critical that you change your login credentials to a unique username and a strong password. You should not use your name, date of birth, home address or any other personal information as the password.

Change Default IP Ranges: The default IP ranges, usually 192.168.1.1, is quite predictable by the hackers and may lead to cross-site request forgery (CSRF) attacks. Users can prevent themselves from such attacks by changing their IP range to something different, such as 10.8.9.7.

Enable MAC Filtering: Restrict the number of devices that can access your internet connection by enabling MAC filtering. Even if a user has the password to your Wi-Fi network, he would not be able to connect to the router if their device’s MAC address is not listed by the router’s admin console.

Turn Off WPS: Wi-Fi Protected Setup (WPS) allows the users to bypass password and connect to the internet simply by entering a default eight digit pin usually printed on the router itself. Though it offers convenience to the authorized users, it also makes it easier for the hackers to gain access to your corporate network. To avoid this, you must turn off WPS and enable WPA2 encryption to limit access to your router with a complex password of more than 20 characters.

Update Router Firmware: Make sure you keep your router’s firmware updated. Frequently check the administrative interface to look for upgrades to fix various security flaws. Logging into the router routinely will also allow you to identify any unusual behavior that may indicate unauthenticated online activities.

Log Out After Each Session: Once you have configured the router’s settings, do not forget to log out to prevent abuse of authorized browser sessions. Many routers do not automatically logout after the admin page is accessed, thus, allowing the hackers to bypass the authentication process to gain access.

Ransomware is a type of malware that uses a malicious software code to lock a user’s computer and allows access only after certain ‘ransom’ fee is paid. It may infect the system in the form of a Trojan horse or worm by exploiting a security flaw. Ransomware usually spreads through email attachments, spam website links or infected software applications. Once executed in a computer, the malware can either lock the entire system or encrypt the stored data with a password.

Types Of Ransomware

Cryptowall: This ransomware is mainly spread through spam emails that contain a malware infected attachment claiming to be an important message. Once the user opens the attachment, the malware is executed and the device gets locked.

FBI Ransomware: It is installed on a user’s computer once he visits a website with malicious script. When the system is infected, it displays a message, purported to be from FBI, that the computer has been blocked and the user needs to pay a fee to restore his data.

Power Worm: This is probably the most perilous type of ransomware in which the victim’s data is not only encrypted but the key to restore the information is also destroyed. In such a malware attack, the only option to get the data is to restore it from back-up.

Chimera: The Chimera malware works by threatening to post the victim’s files on the internet if he does not pay the demanded ransom. In such situations, even if a user has a back-up of the files, he might get convinced to pay the fine just to prevent the files from being leaked.

Defending Against Ransomware

Never open embedded URLs or attachments in emails from an unknown source.

Referrer spam can be defined as a practice of directing fake traffic to a website or product page. Also known as referrer bombing or log spam, the technique mainly involves flooding a website with traffic from different countries, IP addresses and devices but through the same referrer. The purpose of the spammer is to compel the website administrator to notice the traffic in the analytics report, visit the website and buy their product or service.

A referrer is a third party source, such as an email, forum or search engine, through which a visitor navigates to your website. This information is generally tracked by your analytics platform to give relevant information about the source of your website’s traffic. When spammers replace this data with a fake website URL that they want to promote, these links are indexed by search engines while crawling the access logs, thus improving the websites’ rankings.

Types Of Referrer Spam

Ghost Referrer Spam: In this, the spammers are able to directly submit data into your analytics account, by-passing your website in the process. This means that the fake HTTP requests will be sent to the Analytics servers, without the traffic even visiting your website.

Crawler Referrer Spam: This type of spam involves using a bot to actually crawl through your website with a fake referrer URL or link. However, web crawlers are not as common as ghost referrer spams.

How To Stop Referrer Spam?

The most viable solution to stop spam bots from visiting your website is by blocking them in your .htaccess file. This will completely stop the referrer links from hitting your website.

Implement a genuine hostname filter to protect against ghost traffic.

Turn on Google’s bot and spider filter option.

Use spam crawler filters to remove targeted spam visits.

Password-protect the site logs to prevent search engine spiders form accessing them.

Include a rel=”nofollow” attribute in the spam URLs. This will prevent the search engine bots from following and indexing the fake website.

The pages that display your website’s traffic statistics should be put into the robots.txt file to exclude them from being crawled by search engine.

We, at Centex Technologies, provide complete cyber security solutions to the business firms in Central Texas. For more information, feel free to call us at (972) 375 – 9654.

Social Networks

Author

Abdul Subhani

I am the President & CEO of
Centex Technologies Microsoft Small Business Specialist, Certified E-Commerce Consultant, Certified Ethical Hacker, Certified Fraud Examiner, Virtual Instructor and an IT Consultant/Speaker on IT Security, Networking, Small Business Architect, & SEO Internet Marketing.